Privacy Policy

Effective date: 1 May 2026 · Last updated: 1 May 2026

1. Overview

PCMonitor ("we", "our", "the Service") is a team productivity monitoring tool operated by Imazyn ("Company"). This Privacy Policy explains what data PCMonitor collects, why we collect it, how it is stored, and the rights of both organisations (Managers/Admins) and individuals (Employees) whose data is processed.

By installing the PCMonitor Agent or using the PCMonitor Dashboard, you agree to this policy. If you do not agree, do not use the Service.

2. Who This Policy Covers

  • Managers / Admins — individuals who create an account and manage the PCMonitor dashboard.
  • Employees / Team Members — individuals who install the PCMonitor Agent on their work computer at the direction of their employer.
  • Visitors — individuals who visit monitor.imazyn.com without installing the agent.

The organisation (Manager/Admin) is the data controller for Employee data. PCMonitor acts as a data processor on the organisation's behalf.

3. What Data the Agent Collects

The PCMonitor Agent, once installed and consented to by the employee, collects:

✅ What IS collected

  • Name and executable path of the foreground application (e.g., "Google Chrome", "chrome.exe")
  • Window title — truncated to 200 characters (e.g., "Jira — Sprint Board")
  • Start time, end time, and duration of each foreground session
  • Idle time (time with no keyboard or mouse input for more than 5 minutes)
  • Keystroke count per session (number of keys pressed — NOT the actual keys)
  • Mouse movement statistics: speed, direction changes, click frequency
  • Screenshots — only when enabled by admin, at configurable intervals, always disclosed to employee
  • Device IP address (for session correlation and offline gap detection)

🚫 What is NEVER collected

  • Actual keystrokes or typed text (passwords, emails, messages, documents)
  • Clipboard contents (copy/paste data)
  • File names, file contents, or file system access
  • Browser history, bookmarks, or saved passwords
  • Email contents or attachments
  • Audio, video, or microphone input
  • Location or GPS data

Password fields are automatically detected by application name (e.g., 1Password, LastPass, login windows). Keystroke counts from these fields are masked in all reports.

4. Employee Consent

Employees must complete the setup wizard before the agent begins collecting data. The wizard:

  • Displays a full list of what is and is not tracked
  • Requires checking an explicit consent checkbox
  • Shows whether screenshots are enabled
  • Cannot be skipped or pre-confirmed by the manager on behalf of the employee

If an employee declines consent, the agent will not install or collect data. The employee's decision is logged.

5. How Data Is Used

  • To display team activity data to authorised managers on the PCMonitor dashboard
  • To generate AI-powered daily summaries of employee activity using Claude AI (Anthropic). Only app names and time durations are sent — no window titles, keystrokes, or screenshots
  • To detect anomalous mouse patterns (fake activity detection)
  • To send daily digest emails to designated manager email addresses
  • To provide employees with their own productivity stats and summaries

We do not sell, rent, or share individual employee data with any third party for advertising or commercial purposes.

6. Data Storage and Security

  • All data is transmitted over HTTPS (TLS 1.3)
  • Self-hosted deployments store all data on the organisation's own server — PCMonitor never has access to it
  • Cloud deployments store data in isolated PostgreSQL databases, one per organisation
  • Passwords and API keys in the database are stored as SHA-256 hashes — never in plain text
  • Screenshots are stored as files accessible only via authenticated requests
  • Admin password is required for all sensitive dashboard operations

7. Data Retention

Data typeDefault retentionConfigurable
Activity sessions & app usage90 daysYes
Screenshots90 daysYes
Daily AI summaries365 daysNo
Audit logs180 daysNo

Data is permanently deleted — not archived — after the retention period. The deletion job runs nightly.

8. Third-Party Services

  • Anthropic Claude AI — used only for generating daily summaries. Input is limited to app names and time durations. No personal identifiers, window titles, or keystrokes are sent. Governed by Anthropic's privacy policy.
  • Email (SMTP) — used to send daily digest emails. Configured by the organisation admin using their own SMTP credentials. Email addresses of designated recipients only.
  • Stripe — used for payment processing on cloud plans. PCMonitor does not store credit card information.

9. Employee Rights

Employees have the following rights regarding their data:

  • Access — request a copy of all data recorded about you
  • Correction — request correction of inaccurate data
  • Deletion — request deletion of all your data (subject to the organisation's legal retention requirements)
  • Portability — request your data in CSV format via the dashboard export feature
  • Withdrawal of consent — uninstall the agent at any time; collection stops immediately

To exercise these rights, contact your organisation's manager/admin first. For unresolved disputes, email privacy@imazyn.com.

10. Children's Privacy

PCMonitor is a B2B service intended for workplace use only. We do not knowingly collect data from individuals under 18 years of age.

11. Changes to This Policy

We may update this policy periodically. If material changes are made, we will notify the organisation admin by email at least 14 days before the changes take effect. Continued use after that date constitutes acceptance.

12. Contact